The Repository Settings page enables you to configure key settings for your repository. The page is divided into a number of sections:
Basic Information set name and identity information
Data Retention configure the deta retention settings for the repository
Permissions controls user access to the repository
Ingest Tokens configure ingest tokens for ingesting and parsing data
Block Ingest allows you to block the ingest of data
Data Sources control the data sources for a Repository
Ingest Listeners configure listeners for ingesting specific data types through integrations
S3 Archiving (Self-Install) configure archiving of ingested logs to Amazon S3
Event Forwarding forward events that are ingested into LogScale to other systems (for LogScale Self-Hosted only)
Event List Interactions enables accessing the Interactions overview page.
Danger Zone enables changing the repository name or deleting the repository
The creation, configuration and installation of Packages is described in the dedicated documentation, which you can find in Packages for more information.
Note that the exact list of available options in this view will depend on
the user permissions and repo.
System repos, for example, cannot be
deleted and so the Danger Zone
will not be shown. The user
repo also cannot be deleted, and cannot be configured with multiple users.
The Settings tab, specifically the General section where you may enter some Basic Information on the repository. This description, along with the name of the repository, will appear on the Repositories tab when you first log into the LogScale Interface.
Figure 44. Basic Settings
Repository description is a description of the repository; to update the description, type in the field and click .
Repository type specifies the type of repository, for example a trial or a managed repository. An example of managed repository is Falcon LTR.
Repository usage tag specifies a tag for the repository so that repositories can be grouped; to specify or update a tag, type the tag and click .
Automatic search specifies if the search should be started automatically when the search page is loaded or not, selected or deselect the checkbox to change the setting.
Default query specifies the query which is loaded by default when the search pages is loaded.
The data retention configures when LogScale will delete events from the repository. Old data will automatically be removed when any one of the configured limits is reached.
Clickand configure the fields as required,
Ingest limit in GB (Uncompressed)
Automatically deletes old data when the ingest limit (raw data size) is reached.
Storage size limit in GB (Uncompressed)
Automatically deletes old data when the stored data, including fields and data expanded or filters during parsing, is reached.
Time limit in days
Automatically deletes old data when the event @timestamp passes beyond the configured limit.
The maximum customer configurable limit within LogScale Cloud deployments is 365 days. Please contact support if you would like a limit higher than this.
Once you have finished editing click.
Repository access can be configured on a per-user basis by adding a user and setting their role for each repo.
Figure 45. User Permissions
Select a repository from the Repositories and Views page and click Settings on the menu.
To add a user to this repository, click Permissions under Access Control.
Click theand add users and then you will be prompted to set their role.
For more information on user management, see Security & Authentication.
On this page you can manage the ingest tokens and assigned parsers, for more information on generating, editing and deleting tokens and assigning parsers to tokens see Ingest Tokens.
Figure 46. Ingest Tokens
The Block Ingest page enables you to temporarily block ingestions for a short period of time, after which it will be re-enabled. This can be useful in a variety of situations where the level of ingestion and activity are causing performance or reporting problems.
For more information, see Disabling Ingestion.
Figure 47. Block Ingest
LogScale segments data into indexes called, data sources which are created automatically as data is ingested into the repository. You can't create them in this section of the User Interface. You can only delete them. You might do this if a data source is old and no longer needed and you want to save the space.
Figure 48. Data Sources
Deleting a Datasource
Click the rubbish bin icon next to the datasource to delete the datasource. This is a permanent deletion.
Datasources can be tagged meaning that you can create your own tags and assign them to events. See the Event Tags documentation page for more information on tags.
Figure 49. Danger Zone
The Danger Zone provides access to two areas of the repository settings which have the potential to modify or alter data:
Repository Name — enables you to change the name. Note that this will change the URL and API calls associated with the repo, and may also affect the queries and automated actions associated with the repo.
The Destroy this repository option is not available to Cloud users. You must contact support to delete a repository.
The Packages area allows you to install packages, verify the packages which are installed and create a custom package, see the dedicated documentation Packages for more information.